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(54) DATA MANAGEMENT SYSTEM 
(57)Abstract: 

PROBLEM TO BE SOLVED! To ensure security of data 
in a network. 

SOLUTION: (1) An author A indicates a copyright label 
(LO) to a data management center to request the 
distribution of an original private key (Ks0)_ (2) The 
center encrypts the L0 and its corresponding key KsO 
with a public key (Kba) of the author A and distributes 
the encrypted original private key (CksOkba) to the 
author A In this case the center applies un directional 
hash processing to the LO to generate a label 
fingerprint (DO) and distributes it to the author A (3) 
The author A decodes the key (CksOkba) with a 
specified key of the author A and encrypts original work 
data (M0) with the decoded KsO and transfers the 
encrypted M0 f the L0 and the F0 to a first user U1. (4) 
The first user U1 indicates the L0 f the F0 and a 1st 
user label (Lu1) to the center to ask for the distribution 
of a 1st private key (Ksl). (5) the center confirms the 
user to be a legal user through the F0 f registers the 

label Lu1 and encrypts the KsO and the Ks1 with the public key of the first user U1 and 
distributes the result to the first user U1. (6) The first user Ul f decodes the encrypted keys by 
the specified key of the U1 and uses the KsO to decode the encrypted data. 
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* NOTICES * 



JPO and HCIPI are not responsible for any 
damages caused by the use of this translation. 

1. This document has been translated by computer. So the translation may not reflect 
original precisely. 

2. **** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 



CLAIMS ^ 

[Clairn ( i?it is the data management system which manages the digital data transmitted to a 
data user from a data owner through a communication network In the aforementioned data 
management system A private key, a public key, an exclusive key, a data owner label, a data 
user label, and a data label are used, and; data control center links with a public key storage 
engine and a private key generation engine. While it is arranged on said communication network 
and the; aforementioned data control center attests the public key of said data owner and said 
data user Are keeping said data owner label, said data user label, and said data label, and the; 
aforementioned data owner presents a data owner label and a data label. Require the private 
key for data encryption of said data control center, and the; aforementioned data control center 
creates a data label fingerprint from said data label. Distribute among said data owner the 
private key for encryption enciphered using the public key of said data label fingerprint and said 
data owner, and the; aforementioned data owner enciphers data using said private key decoded 
using said data owner's exclusive key. Transmit said encryption data, said data label, and said 
data label fingerprint to the first user, and the data user of the; aforementioned beginning 
presents said user label of the first data user, said data label, and said data label fingerprint 
Require the private key for [ said / which is data re-enciphered ] having decoded with the 
private key for decoding said encryption data in said data control center, and the; 
aforementioned data control center checks the justification of said data label with said data 
label fingerprint While registering said first data user's user label It enciphers using said first 
data user's public key, and the private key for [ said / which is data re-enciphered J having 
decoded with the private key for decoding said encryption data is distributed to said first data 
user The data user of the; aforementioned beginning Said private key for a decryption and said 
private key for re-encryption are decoded using said first data user's exclusive key. Decode 
encryption data using said private key for a decryption, use. and said decoded data are 
enciphered and copied [ save and ] using said private key for re-encryption. Said encryption 
data are transmitted to the next data user with the user label of a data label, a data label 
fingerprint, and the first data user. . 
[Claim 2] The data management system according to claim 1 with which copynght registration 
is performed when said data owner shows a data control center said data owner label and said 

data label. . _ . , , 

[Claim 3] The data management system according to claim 1 with which processing of said date 
is performed by the user of data, and the contents of processing of said data are added to said 

data label. . . 

[Claim 4] The data management system according to claim 3 with which secondary copynght 
registration is performed when said data user shows a data control center the data label with 
which the user label and said contents of processing of said data were indicated. 
[Claim 5] The digital data managerial system of claim 3 or claim 4 said whose data are p uralrty. 
[Claim 6] Claim 1 and claim 2 by which a digital signature is performed on said data label, claim 
3, a data management system according to claim 4 or 5. 

[Claim 7] Claim 1 to which accounting is performed based on said data user having shown the 
data control center said user label and said data label, claim 2. claim 3. claim 4. a data 
management system according to claim 5 or 6. 
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r a to c i a i m 7 to which said accounting is 
[Claim 8] The data management ^ £^l£X*m* method, 
performed by the ^^"^^^oXI to claim 8 with which said operatmg- 
[Claim 9] The data m ^^ n \^^°^^o\ center. 

hz^^ - d r 8 wrth which said 

SSSS^Si Hng data are -^^S^SL 7 to which said accounting is 
[Claim 11] The data management system accoromg 

performed by the prepayment method. , . ^ , with whic h the data of said 

[Claim 12] The data management s V^* m *^ d ' ng 

prepayment are kept in the ^°^^^S*ng to claim 1 1 with which the data of said 
[Claim 13] The data management system accoromg 

prepayment are kept by a user's equipment structure, and only the data body 

J^^S^ST- ^ £X - Ca, m 14 with which «H of - 

bodies are enciphered. „^^j;„ < r to claim 1 5 with which said some of data 

[Claim 16] The data management system according to cla.m io wrui 

bodies are enciphered continuously. hi h said some of data 

[Claim 17] The data management system according to cla.m 15 w.tn w 

bodies are enciphered by d [ sc °. n * 1 " u ^; . . . the usua , file structure, and a data header and 

header and all of said data bodies aro / nc, P^* . . 18 ^ which sa}d a part of data 

[Claim 20] The data management system accordmg to da.m 18 with wn.cn 

header and some data bodies are j^ptere d. structure, and only the data 

er saw ^r^^rPBSr, % Mm *• d -" 9 - d3im 

headers are enciphered. „i„: m 91 with which said a part of data 

[Claim 23] The data management system according to claim 21 wrth wh.cn sa.a p 

claim 11. a data management ^^^^ wnic h said some of 

[Claim 25] The data management system accordmg to claim witn 

copyright labels are enciphered. ...... . ■ « <*r..^hire of an object format, and the 

data owner through broadcast, a commun.cat.on ^^J^J^Tw label< and a data 
In .this data management system A ^f^^^^ ItubTc key storage engine, 
label are used, and; data control center and a ^ c ^^J^JJ tionBd data control center 

£ 3 MT^MKSi- - — - - - 

user s equipment after use termination. d in said data 
[Claim 28] The data management system according to claim 27 wh.cn 

user's equipment by eliminating said data, d . sai{J data 
[Claim 29] The data management system acCor * ng .£^^ 
user's equipment by forming said data into an one d,rect.on hash value. 
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kev and is saved in said data user's equipment _ . .... 5 _ 

SSTS'S dai° iS^SUn according to Cairn 31 with which only said processing 

^312^2: d d e?odes e s3id encryption processing .aba, using said next data 
25? Elusive key. said processing label is enciphered using said next user , , ^P^ey and ,t 
Lnsmte to said next data user - having -. said decoded processing label - said data 
control center - showing - said data control center - said processing label - 
based - data — said next data user — transmitting — ; — said next user processes data with 
the processing data of said processing label, and uses ■ A data management system according 

to claim 32. , . . . , 

[Claim 34] said first user — said processing data — said next user — transmitting , — said 
next data user — said next data user — said processing data — said data control center — 
showing — : — said data control center — said processing label — being based — data — said 
next data user — transmitting — — the data management system of claim 32 which said next 
user processes data with the processing data of said processing label and uses, 
[Claim 35] The data management system according to claim 34 with which said first user 
performs a digital signature on said processing label using said first user's exclusive key 
[Claim 36] Claim 28 and claim 29 whose data are plurality, claim 30,. claim 31. claim 32, cla.m Jd. 
a digital data managerial system according to claim 34 or 35. , . 

[Claim 37] Claim 27 to which accounting is performed based on said data user having shown the 
data control center said user label and said data label, claim 28. claim 29. claim 30. claim 31, 
claim 32, claim 33. claim 34, a data management system according to claim 35 or 36. 
[Claim 38] The data management system according to claim 37 to which said accounting is 
performed by the operating-experience meter ring reversionary method. 
[Claim 39] The data management system according to claim 38 with which said operating- 
experience meter ring data are kept in the data control center. 

[Claim 40] The data management system according to claim 38 with which said operating- 
experience meter ring data are kept by a user's equipment _ 
[Claim 41] The data management system according to claim 37 to which sa.d accounting is 
performed by the prepayment method. ^ 
[Claim 42] The data management system according to claim 41 with which the data of said 
prepayment are kept in the data control center. 

[Claim 43] The data management system according to claim 41 with which the data of said 
prepayment are kept by a user's equipment , . . . 

[Claim 44] Claim 28 as which said digital data has the usual file structure, and only the data 
body is enciphered, claim 29. claim 30. claim 31. claim 32. claim 33. claim 34. cla.m 35, claim 36, 
claim 37. claim 38. claim 39. claim 40. claim 41, a data management system according to cla.m 

42 or 43. ...... .j r j * 

[Claim 45] The data management system according to claim 44 with which said some of data 

bodies are enciphered. * j * 

[Claim 46] The data management system according to claim 45 with which said some of data 

bodies are enciphered continuously. ■ - .... * j + 

[Claim 47] The data management system according to claim 45 with which said some of data 

bodies are enciphered by discontinuity. , , . 

[Claim 48] Claim 28 claim 29 as which said digital data has the usual file structure, and a data 
header and the data body are enciphered, claim 30. claim 31. claim 32. claim 33, claim 34. claim 
35. claim 36. claim 37, claim 38. claim 39, claim 40. claim 41, a data management system 
according to claim 42 or 43. . _ . . 

[Claim 49] The data management system according to claim 48 with which said a part of data 

header and all of said data bodies are enciphered. 

[Claim 50] The data management system according to claim 48 with which said a part ot data 
http://www4/ipdl.ncipi.gojp/cg^^ 04/ J 1/22 



header and some data bodies are end P h ^ e J- , . +!t h „ ^ usua | fi| e structure, and onhr the 
DM. «1 » d*. » - ^"at^S,^ rSLS 34. d*, 35. Cain, 36. 

«^^lr&^ m 3 Vl?a daJn^-ncnt — • accord,n g to d« 

££. «l The da* .nanascment systen, according to d*. 51 w*h which a» of said data 

headers are enciphered. »^^ ftr rfi n s to claim 51 with which said a part of data 

[Claim 53] The data management system according to claim o wru 

EZ^?li££l£^ according to dain, 54 with which said son,* of 

^tdtt* ^^^bt^^^lil^^ and apriv*e 

date using said decoded private key for encryption, send to said broker, and the. 

broker decodes said encryption commercial ^-^^ f 6 
kev for encryption. Transmit said decoded commercial transaction data to said I need person 
w£n said oriv^te key for re-encryption which re-enciphered using the private key for re;- 
SS5£W« «*nJLl^ said need persons public key, and the: -J^-J^fc-f 
need^erson decodes said private key for re-encryption using sa,d need person s exc lus„ e 
Said encryption commercial transaction data are decoded us.ng said decoded P™«^™ 
r^nor^tion. Write down an order matter in said decoded r^.^Sll? 

enc^t^^ 

the person from Norio Saki. and performs order-received P™cessing. 

STaim 58] The data management system according to claim 57 wrth which said d,grta1 date has 
the usual file structure, and only the data body is enciphered. 

Sta"m 59] I The date management system according to claim 58 with wh,ch said some of data 
60] rhfdatemanagement system according to daim 59 with which said some of data 
S£ 5 ^1™^ according to claim 59 with which said some of date 

bodies are enciphered by discontinuity. j.^, data has 

[Claim 62] The date management system according to claim 57 w-th wh'ch saio a gr« 
the usual file structure, and a data header and the date ^ «^J*3f ^ a part of data 
[Claim 63] The date management system accordng to claim 62 with which said a part o 
header and all of said date bodies are enciphered Jatg 
[Claim 64] The date management system accordmg to claim 62 wrth which sa.d a p 

ntte://v™w4.^^ 04/1 ^ 



^^T^^lT^'^r^ claim 87 « which said digital data "as 

s*ucture. and only «^ ^^^SSSw «» «•** * of said data 
[Claim 66] The data management system according to claim 03 win, 

^t^SSri-*-* system accord to dainv65 wfth which said a part of data 
££ «T Thtd^management system according. Cairn « which said digital data has 
Se usual «. structure, and only the J*^"^^, whW> said ^ „ 
[Claim 69] The data management system according to claim o* won ™ 

gE^S Z£££* «— according to claim.STwHKwhich said digital data has 
ST fflc sVucture of an object format, and the method ,s enciphered. 



[Translation done.] 



http://vmw 04/1 1/22 



* NOTICES * 

1Th i s decent Has been t-nslated by — So the Ration may not reflect the 

word which can not be yanked. 
3 !ln the drawings, any words are not translated. 



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 

£° 001 3 t . r „ lsrfPS to the digital data managerial system applied 

electronic commerce, and electronic money. 

[0002] , ^ , „ w ^hi^h US es mutually various kinds of data 

[Description of the Prior ArtJ The database^ c^uter by the communication 
which each computer saved Information with 

line until now today when it is called the ^^^S^S^ to this database 
,-rtUe amount of information which ^^^J^^l^^s monochrome binary 
system and has been treated by until ^f^eonvuu* |nformat ion like natural 

data like facsimile information in ** and ^eatm^t to deal witn man y data, 

drawing and an animation could not to «r^^™taJ^eS^ignJ« develops, development 
[0003] While the digital processing ^ m ^l^^^^' fotxl ^ sigTals other than 
of a digital processing technique is co ™*^ on ^^'%^° J beco mes possible to treat a 
the binary data currently treated only as : an; ^Ure signal the 
picture signal like a televis.on signal ^ c ^^^^^ vs k | nds which a computer treats, 
"multi-media system which deals with the data ^ °™ ence attraCts attention as a 

and the image data which digitized the picture signal to coincidence ara-a 

SSS S^Tere is much amount of information, if image^ata a ~ 
as compared w*h alphabetic dat, ^^-^^5^^^^' ' 
processings in a computer are difficult for J^on^ression / for some elongation has been 
tinese image data, and the specification .mage d ^^'^^^ & ^ on broadcasting was 
created. In it, MPEG 2 specification ^^^^^p^^Zc image coding 
created as common specification until now from ^f^^S^^uu^ meeting. 
ExpertsGroup) specification for static images. ™'^£££^mZZ> storage, and 

srsss^^ — - ~- image 

i££ ZZSSfiZ^ whenever the analog^ ^£X^£2« 
conventionally carries out preservation, a copy. ^^J^^^J^. Howeler. since 
copyright produced according to these >a^t,es did not become^ bigprob^ ^ ^ 
qualrty degradation does not produce digrtal data ever ,rt rt /ep H produC ed according 

institutionalized also in the Copyright Act ™ mU nication line about the data used 

[0006] the directions of a ^^^^^^ oop*ng and 

effectively and processed by rt : not .only ™ ™ e _ ; b , e to t^^t to others, or to 

processing the usually obtained data rt is rt ««vf^^ . as new data, 

transmit to a database using a suitable storage, further orH.ne. and to registe 

. 04/11/22 
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SSS^S: 3 a r^n. aKhoush Ho» *e copy** £ jfsn^sf 

the place which is the former. communication using the 

[0008] The ^^^^^t^ttonZ other hand until now comparative* 
computer currently Permed on a s crie , ds quickJyt and is 

small, and has been called the Internet in ™^^^£fonnJon which communicates by 
becoming • familiar existence ^f^^^J^T^^ of a technique, voice 

^^^^^^ 

^r Thusl?^ in individual.mail. alteration prevention of the contents, ,nvas«on-of-pnvacy 
^^Mf^P^n^m are required, and if it is in advertisement / ********* : 
data aSe^on pretention of the contents, a perusa. limit, and forged PXeyenbon are ^required, 
rooll] lesion Vprivacy prevention of individual mail and a perusal hm* ofadverbsmg 
advlrtsemeTd^bTcan ZL> by the data encryption, and alteration prevention o ^dual 
l^d advertising advertisement data forged prevention individual ma,, and advert-sement / 
advertisement data is realized by check (authenticate) of an addresser. 

gu12] The security of the system itself of the Internet system wh.ch {^^Jg^^ 
of thinkinc is very brittle. The system for securing the security of the Internet system is 
pro*otS g and ZreTe PEM (Privacy Enhanced Mai.) which takes a layered 

system, and PGP (Pretty Good Privacy) which takes honzorrtal *P^J*™^ 
AlLuKh each of these performs the confidential nature of data authent.cat.on of a sending 
S fnoStered cerSfication of data, the first addresser's display and management of a 
public key, each limit of reuse including processing of data is •'"possible. 
[0013] iL the top engine called IPRA (Internet PCA Registration 
takes a layered structure It organizes with the engine like a degree called PCA ^ 0 " cV 
C^IZTa^) (Organlational). It consists of lowest engines "~*£%Z»^ 
area (Residential) and an individual (Personal). Guarantee engine of T b !Skey 
Authorities) The justification of the public key is guaranteed by publ.sh.ng the public key 
^c^ whbh carried out the digital signature to data, such as a lowing engine s name. 

Ket^ the juration of the ^i^^^^S^ 

others who can trust it publish the public key certificate which earned "J™2ESnfe 
Tdata, such as a name of a public key. There is the approach of call ,ng ^*"*£E> key with 
fingerprint which checks with voice the hash value of 16 bytes ^ hashe f.*^ m C D ^ ofa 
one lection hash (hash) functions, such as MD5 (Message Digest 5). as a simple symptom of a 

^M^^* no problem about an authentication person at PEM which takes a 
http://www4.ipdl.ncipi.go jp/cgHMn/tran_web^cgi_ejje 04/11/22 



j :*u dod ;+ cannot necessarily be said in the grass 
layered structure when PEM is hand, although it is a large 

roots Internet system that* , f a . comm °"/^£ " when the signer who can trust it is not 
employable system that PGP is simple and generally, wnen 

found, it cannot use. ^ mvMte bv the stand-alone is conventionally 

[0016] By the way. each computer ™™ tiv " S J^^^ network system, the 

connected through a network system with b ^ an application program and 

database system which shares ^^ou* a ne^ to te basic software further called an 
the distributed object system shared through a netwom to 

operating system are proposed. ,. ,, , ^'l. an obiect which both data and 

C0017] A disputed object system - -g" *^ r " | ^l ^ d^fuSd object system wHh 

and data, and i^ougnwe user-T mhi<jh ^ ps . rfoims 
PW ^^f daL TOfser^ ^ ^system is pushed farther, a server also performs 
ES* ^user^'rmlrrequipment has on* the function of C/0, but e»en what the who.e 

svstem functions on as one computer is considered. 

SoisTMoreover, the entrepreneur who offers network bases, such as a ^""^J? 1 ; 6 - 
offers accounting systems other than a communication line, a security system. ■ .copyright 
m^ria ^sy^tem ^, authentication system, eta as another gestalt of a network system, and 
TSE^ZSZ ^ease network system" called the license network wherea ^ 
eXpreneur does like a self system using such system sendees, and undertakes a network 



business. 



[Summary of the Invention] An artificer proposes the digital data managerial system ^r^n e 
safeTreservation of the digital data protection of copyrights in a computer network system, a 
ZZSEZSi object sysC and a usual license network system, and electron* commerce 
data, and safety reservation of electronic money data in this application 
[0020] The 1st digital data managerial system consists of the onginal «£>ra*p«™ * 
information provider using the data control center and network on a network, and two or more 
U seT A data control center grasps the data use situation by the demand of a P«^e key ^ h,le 
distributing the data encryption private key to authentication f^^^.J^S^id 
network user's public key. Although it is enciphered using a private key 

transmitted, preservation and the data to transmit are encphe ^^^f^^^J^ 
f^m the private key of the transmitted data. Moreover, a original data 

data, a processing data label is added to processing data, and a date E^^^^ to 
perform storage of data, but performs only storage of a original data label ^"^"J,™ 
Although a user label is used for the demand of a private key, the electronic fingerprint of a 
user label can also be used instead- rf «. ^ ri-a+a 

[M21] The 2nd digital data managerial system consists of two %^^^J^^o>k. 
control center, the original copyright person or informat,on provider .and 
A data control center performs storage of a user label Hara data label and a P™™**^* 
label while P*^£^ 

w^th^ ^ a data label is used for a transfer and a use 

application, the electronic fingerprint of a data label can also be usee '"stead. 
[6022] In an electronic commerce system, all data crculate through the bnrior on. 
the data transmitted to a need person from a producer are enciphered with the prrvate key for 
Tncryption. and the data transmrtted to a producer from a need person are enciphered with the 



private key for re-encryption. 
[0023] 



Sple] As an example of this invention, although the 1st example - tfne Sthexample are 
explained, the fundamental matter common to these examples is explained first. 

« « . * . . - 04/11/22 
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The engine for attest the copyright person of original ^^jJCS— ^ 
ProvidenIP) of original paper "<>^^ Although this engine 

of original paper crops .s requ.red of tcer^cate ^> r ™ cngineg can ma ke it 

may be the only thing. two or more en^J^ ^ Bnk to an existe nce case, 

possible to consider that he ,s one engine ^^"^^"^ phase wrt h which the set and 
[0024] Moreover, in this system a ^l^^^^Z ^ed. In these, an exclusive key 
work of the key only for public key - ^•^J^'^^." digi tal signature to the public key 
secures dependability, when a certrficate a ^^M^tnJb^ Although the key 
with which each user manages iXS^^^ ™* * * distributed 

management engine called a key ^J^^Trn^L to link the engine which has an 
tXnSc^n S^T^S^ engine, or has an authentication funCon can 
have a key management engine s function. [cryptographic key] use is carried 

[00251 The key system and digrtal ^f ure ^^^^^^ a 'common key 
out are explained briefly. Since encryption and a ^ke a key secret - a private keV 

system" with the same key for . ^TJ^l^'^t DeS^ Encryption sLidard) 
(secret key) system is called a pnvate The ^QData^ncryp^ ^ ^ 

system of NBS (National Bureau of Standa^^ as 

- ,ained a private key is 

displayed as "Ks. fnriVate kev) made secret in addition to the 

M=0 (Ck, K) 

[0028] Although a data encryption / deon^on 
o^=^^^^ 

^^^^^^^^^^^ 
SJe opera^g system is desirable. Moreover, more advanced safety can be obtained by 

performing these processings using an IC card or a PC card v 

[0029] There are an approach of ■J**""^^ of 
as an approach of ensuring accounting according to use of Laccotinungj o . ati 
performing accounting according to an operating experience ^f£*^"£E ring 
experience is ^"p*^ l^^cZ^t = a STpZ- 
= SSPTSt^^ --yTs reduced a ceding to 
using the card in which the purchase amount of money was entered beforehand in rt 

rittpy/www4.ipdl.ncipi.gojp/cgH>iri/tranjweb_cgj_ejje 04/11/22 



F ^ermore, there are a W^S££S2SSJ« 

SSt card method with wh » ^5^^^^^ h kept at the user side, 
server side, and a prepaid card ^ d J^™^ shown when registering 

[0030] In the 1st example - ^^T^^^L a user labe.. it transmits to a user, and 
that a user uses a system, ^J^^Zr ^ and a system, the key only for users 
the user keeps the user pub '' c ^ y u ^^ p equiprne nt. As these storage areas, although 
and the public key of a data control center in n s q p ^ equipment in 

an IC card or a PC card .s ^^i^X^i^^ ° r *• P ° °™ & ^ 
equipment The cryptographic key storage ^w«cn y 

safe* higher than the key management * ^S?3^& which manages digital data 
[00311 Although the example explained ^'^^^^^rtainty. and dependability, such as 
copyright it has the digital data *^*™*Z^c ^Z7o, data and electronic money 
the contents of * c °rTd^ data, and can apply this invention 

data, and the contents of dealings, are ►W£«d hich ^^tes the engine and 

Sy^^ inthe 

the engine of all <^JJ *^ B tSS^^ to protectee copyright of data 

[00323 By [label] this invention, since a . ,ah f ' '% US ^j Rawing 3 are first used and explained 
and to use data copyright, dj^win^ drav^ ™ j™^^^ drawing 1 

about a label. In this system, although ^^0^0^ T£d owner furthermore 
(a), a label owner's about original paper crops 

has original copynght, as rt is ^own.n^gw^W, essed orig5na , paper crops, and 

is added. In being the processing work ^ jj*^^ a P faout original copyright data, the 
was obtained, as it shows "^^^^JSTKc^ scenario) are added further 
information on a processing tool. ^^JSScwsinE program) can also be added instead of 
As shown in drawing 1 (d). a P^^°^ label", the call, and the 

processing tool information. The label wrth which ^e copy^Ma . ^ ^ ^ 

processing scenario further shown ,n drawjnjLi Co) S^^W^^U and drawmgj. (b) in the 
with which the information on the wo * shown ,n a u. ^ ^^^^5^ was 
label with which only a label owner's information , shown , in ^ drawrngj. w w 

indicated is called a "processing label MlhM ^ete information, when 

[0033] A user label is Beneratedby the ^ date c 0ntrol center when the 

a user joins a system. A copynght label is contents A processing label is 

author who wrote a book shows a tho^roc'sed^aSishows a data contro. 

created by the data control center when **" S "/£°£ &rft saved in a data control center 
center a user label and a processing scenario, and these are savea in 

while they are transmitted to eac *^°™ land work data is shown in [object of encryption] 
[0034] The relation beb*een e , copynghrt labe ami work ^ ^ ^ ^ ^ 

hawing 2 (a), drawing^ ^"^^^oi data as shown in drawing 2 (a), and it was 
where it is separated from the header of work_ work'data is being unified, the 
indicated in drawing (0 as the case where the header of datais being ^ ^ 

copyright label may have combined ^ the header, the extended 

and a label correspond. When the copynght ^^J^JJ snown in drawing 2 (d) 
label configuration which put two or more copynght the"e^ndTd label 

can be performed. If the number of labels peases _ too to coXin a label to the 

configuration which combined two -or more (b) has a limit 

single header which ,n ^^^Jt^S were shown in dr^tw) is taken, a 

L^d^of^ 

^rrSTS r^^S^^ in « (a). It is the part as 
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,*U 4 rectangular «ask par* -.-^^ te^^d^uX^^wn 
enciphered when a copyright label ,s not = n ^^^ *tab3X not enciphered As copyright 
in dasor^Z Cd) even if it was thecas = 'where . ^%^££Z™ 6 ^ I was shown in 
HS^fef * a n , the copyright ^^^Xrl^n^ich the «yptographic key of 
drawjnEj (c) and dra^ps^ (d) 7h ^™^S | ^SSi. contained in the copyright label added 
2L° rSTJ£t*tl *e Z^JSZZm — b*»- added by this configuration 

a data £ S»^"^^3S1SX. 

encrvpWdecrypt.cn .s act.vrt.es wrth a ^ buMen p d of 

iM^SM^ ^ case the Sd. 

sp:^^^ ~ 

than text data. . H ra „iinir 4 (d) drawing 4 (eX drawing 4 (f), and 

[0037] Drawing 4 (a), drawing 4 (b). drawing 4 (c) ^^ ^^^^ part as which the 

[0^To^Xr^nd™rin ta S^«.X *. data body se^on has ^approach 

SoTol Having been shown in drawing (d) prepares two or more ^ 
data body into the data body, as the effectiveness by the configuration of draw.ng 4 loj 

^Twhafw's shown in drawing 4 (e) is an approach called SKIP (Simple *«r™W^ 

SoVatwever, since the whole data body section is enciphered in . , sonfig, «^»«* | 
been shown in drawin g 4 (e). the activity burden of 

case of a configuration of having been shown in aVawjn&4 (e). If ™* ^J"^"^^^,, 
correspondence to this by the configuration shown , ^S^^S^S^A^X^ it 
shown in drawing 4 (c) is used only as the head part and c°nstrtxrted hke 
is only ****ofthe data body part that it is necessary encryption/to decrypt, the activty 
burden of encryption/decryption will be mitigated >»n«ta^ ^ combining the 

[0043] In the configuration shown in drawing^ (e), as was shown m 2™em^™ *^ 
cX-ation further shown in drawing 4 (d). effectiveness ^^^tL L^^ 
as ^configuration which prepared two or more encryption sections in the data body 

So^e data encryption / decryption configuration ^f^^ 1 ^^^ of 
^Sa^s^he^^ SSSS ilMitSi- S-e 
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format consist of the data body section and a data header unrt. and consist of copynght labels 
which are further attached or are related in this invention, tt is the "sage of a theorebc code 
which was shown in drawing 5 (a), and it does not coincide, but only the data body jetton is 
enciphered, and a copyright label and a data header unit have the very large activrty burden of 
encryption/decryption like the case where it is drawing 4 (a). xl. u 

nSS On the other hand, as shown in drawing 5 (b), the data body section has the approach 
which does not encipher but enciphers a data header unit In this case. s.nce rt ^omes 
impossible to recognize data to encipher all headers, a part of header is not encphered. In 
addition, a copyright label is not enciphered in this case, either 

C0046] Moreover, as shown in drawing 5 (c), the data body secbon and a dal^ header unrt have 
Se approach which does not encipher but enciphers a copyright label. In addruoru since the 
relation hetween a copyright label and corresponding data will become unknown rf all copyright 
labels are enciphered also in this case, some copyright labels are not enciphered 
[0047] There is "object oriented programming (object oriented programing) which performs 
various processings using the "object" with which the date header and the program wh.ch 
treats data and data instead of the file of the usual format which consists of the data bodies 
were united on the other hand The object has the underlying concept structure s howr . in 
drawing 6 (a). The data called an instance variable (instance variable) to the stonng part called 
the slcS (s lot) in the container (envelope) called an instance (mstence) are ^° re * ™ e 
perimeter of a slot is surrounded in the procedure called one piece or t*o or more methods 
(method) the object for reference (refering). the object for processing (processing), for ■ 
a^ociaiL (binding), etc. It can perform referring to or operating an ^T^^ 
through a method, but this function is called concealment (encapsulabon) Moreover, the 
Sucuon from the outside which makes reference or actuation of an instance vanable 
perform in a method is called a message. 

[0048] If this changes a view, and a method is not minded ^^^fl^^: 
be referred to or operated will be protected by the method. Th.s is used and rf rt is not the 
message which enciphers a method and can decode the enciphered method as sh = 
drawing 6 (b). it can avoid referring to or operating an instance ^^^J^^ 
•^possible to use an object when all the methods are enciphered hke the case of the data 
Xfthro the usual file format shown in drawing 5 (c) also in this case, a part of method ,s not 
entered. In addition, it is the part as which the part of four rectangular flasks was 

toSSuS example] drawing 7 explains the 1st example. f»^^J^^^^ 
to the next user is explained without a user processing onginal ^ " 
theoretic explanation, the case where a user processes onginal paper 

later. In addition, the case where processing of original paper crop ^JT^^^^ 
and the case where processing of the original paper crop data exp lamed in ^ e ^ xar "^ 
shown later is performed are put together and carried out. In addrbon ^ the system ^ftfiis 
example, a private key and the key only for public key - are used Therefore. 
management engine and a private key generation engine may be hnked or contamed m the data 

[SKI) ?he original paper author (data owner) A presents the original copyright label L0. and 
demands 3 dJsX£n of*, original private key KsO of ihe date 

the original paper author transfers or deposits [ management ] ongmal paper cr f P ^ an 
Monition provider (IP) or a database, and an information provider (IP) or a ^tabase can ^p ay 
the original paper authors role. Moreover, although rt is also.poss.ble to enc.pher^ tte ongina^ 
paper crop date MO, without the original paper authors A keepmg.the ongmal pnvate ^ey KsO, 
and being dependent on the date control center Cd, in order to use *e ongmal paper ^crop da ta 
MO by the user (data user), the original private key KsO needs to be kept m the data control 

£S£] S) The date control center Cd of which distribution of the original r™f«^™™ S 
required enciphers the original private key KsO to which the ongmal copynght lab* LOwas 
made equivalent using the original paper author's A public key Kba wrth the ongmal copynght 
label LO, and is CdsO kba=E (KsO, Kba). 
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distributed so that it can decode only at a **J*^^Sd for the data control center Cd for 
transmitted with work data. A „„ rtm +; rt n Hara orivate key CksOkba was 

copyright label fingerprint FO are transmitted to the 1st original 
[OOoflOO The 1st user U1 to whom encryption ! ° n |"^^* J^^Sed presJis the 
copyright label LO. and the "^.^^^^^^JSTSTlrt user label Lul, 

SSSS^S. SI control center O^^J^J^^^Z^ 

^^^^^^ 

users U1 public key Kbl, and it is Cks0kb1=e (KsO, KM). 

gSJSSSSlilSJ-. -<ey <*sC*b1 and 1st pHvate Key <W encryptionlkbl are distributed 

to the 1st user U1. cksOkbl and 1st private key 

[0056] (6) The 1st user U1 to whom encryption Hara pnvate key p j 

^^C^^^ and is KSO* 

(CksO kbl. KvD. 

^c^orijnlT paper crop data CmOKsO * decoded usingthe decoded crigba, private Key 
KsO, and it is M0=D (MO. KsO). 

-decoded when the ori^na, paper crop data MO 

H^t^ 1st 

original paper crop daia MO to the 2nd user ^^^XLeT ^d£SS«1 with the 

decoded private key Ks1, and transits as e .^^^" a ^o ^ P tne 1st user label Lu1. 

origina. copyright .abel LO, the original hash value 

[0058] In addition, the digital signature of the label ^^JS^.^ibd which each 

using a users exclusive key on ^ f^J^^J^^^^^ m encryption one 

user shows to the data control center Cd, a data control center can oec 

side tropism hash value usingthe user's pubhc key.^nd ^atd Sd cornparing 

verified by [ of the label ] calculating a tropism hash value on the other hand, ana c 

both the 1 directivity hash value. dat _ c m oks1. the original 

[0059] (7) The 2nd user U2 to whom ; «^ptJon onejndh W»J££ CrnOks ^ 

copyright label LO. the original c °PV ri ^ !* b , e ^ fingerprint F0. 
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, J - ... u«, K*!> was reouired checks the justification of the original copyright label LO arid 
*e ZEXEfiZZZS?^ copyright ,abe, fingerprint FO. When it is checked that 

a^SSSS 00X^0%,. 1st user labe, Lu1 using the 2nd user's puoiic 
key Kb2, and is Cks1kb2=E (Ks1 . Kb2). 

?s?prtaStS encryption!^ and 2nd private key Cksof encryption^ are diluted 

arnongwhon, ?^£™%^£X£S££ 

(Cks1 kb2. Kv2). 

ESSE^SE^ ^ cm0ks1 te *-* d ^ *• 1st decodod private key KsV 

and rt is M0=D (CmO ks1, Ks1). 

«• ^enciphering 

Senate h* Ksl savin, ^^^^^t^Z^^ 
transmitting the original paper crop data MO to the 3rd user U3 tt etrapn ^ 

K^^Sfto^^or ^^ r ^- C ^r F 0.the 

^rjWS^SS. 'r^KSS^ priva* key « is 

required of the data control center Cd- a-m**-*™ of the 2nd private key Ks2 and the 

r0064l (ID The data control center Cd of which distribution of the Znd private «vy 

the 3rd user's U3 pubUc key Kb3, and is Cks2kb3=E (Ks2. Kb3). 

Cks3kb3=E(Ks3,Kb3) r . nf ~ nr >rvt3tion3kb3 are distributed 

2nd private key Cksof encryption2kb3 and 3rd private key Cksof encryptions 

among the 3rd user U3. _ rw„f - nor vntjon2kb3 and 3rd private 

[0065] (12) The 3rd user U3 among whom 2nd P™^ ¥ JS? e ^ryption2kb3. and 
key Cksof encryption^ we« ' ^^tet?u^^Stey Kv^and is Ks2=D 
3rd private key Cksof encryption3kbd using tne jra u^r a ^ v 

(Cks2 kb3, Kv3). 

Ks3^(C5ks3kb3 Kv3) decoded using the 2nd decoded private key Ks2. 

Encryption original paper crop data CmuksZ is aecooea usifib h 

and it is MO=D (CmO ks2, Ks2). 

The decoded original paper crop data MO are used. _ us i n gthe 3rd 

[0066] In saving and copying the original paper ^^'^^SSflW and 
decoded private key Ks3. saving and copymg e"<W*on ^^g^^^L^ 3rd 
transmittTngthe original paper crop data MO to the «fa .user U4 fc er,c.phers ^«Stied to the 
decoded private key Ks3. and encryption original paper crop da ^ , abel ^2. 

4th user E»4 with the original copyright label LO. the 1st user label U.1 the 2nd user 
and the 3rd user label Lu3. Henceforth, the same actuation * ^ ^ key 

2?^^ - - add ^ since 

04/11/22 
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the relation of the handling of the key in this 2nd example, the original paper author, an 
information provider, and a user and the handling of a label are the same as that of the case of 
the 1st example, explaining again omits them. 

[0068] (1) The original paper author A presents the original copyright label L0, and demands 
distribution of the original private key KsO of the data control center Cd. 

[0069] (2) The data control center Cd of which distribution of. the original private key KsO was 
required creates the original copyright label fingerprint F0 from the original copyright label L0, 
enciphers the original private key KsO to which the original copyright label LO was made 
equivalent with the original copyright label LO using the original paper author's A public key Kba, 
and is CksO kba=E (KsO, Kba). 

Encryption Hara private key GksOkba is distributed among the original paper author A. 
[0070] (3) The original paper author A among whom encryption Hara private key CksOkba was 
distributed decodes encryption Hara private key CksOkba using the original paper author's A 
exclusive key Kva. and is Ks0=D (CksO kba, Kva). 

The original paper crop data M0 are enciphered using the decoded original pnvate key KsO, and 
it is Cm0ksO=E (M0. KsO). . 
Encryption original paper crop data CmOksO. the original copyright label L0, and the original 
copyright label fingerprint F0 are transmitted to the 1st user U1. 

[0071] (4) The 1st user U1 to whom encryption original paper crop data CmOksO. the original 
copyright label L0, and the original copyright label fingerprint F0 were transmitted presents the 
original copyright label L0. the original copyright label fingerprint F0, and the 1st user label Lu1, 
and demands distribution of the original private key KsO of the data control center Cd. 
[0072] (5) The data control center Cd of which distribution of the original pnvate key KsO was 
required enciphers the original private key KsO corresponding to the original copyright label L0 
using the 1st user's U1 public key Kb1 while it checks the justification of the shown original 
copyright label L0 with the original copyright label fingerprint F0 and registers the 1st user label 
Lu1. and it is Cks0kb1=E (KsO, Kb1). 

Encryption Hara private key CksOkbl is distributed to the 1 st user U1. 

[0073] (6) The 1st user U1 to whom encryption Hara private key CksOkbl was distributed 

decodes encryption Hara private key CkOkbl using the 1st user's U1 exclusive key Kv1. and is 

KsO=D(Cks0kb1,Kv1). ... • * i, w 

Encryption original paper crop data CmOksO is decoded using the decoded onginal pnvate key 

KsO. and it is M0=D (M0, KsO). 

The decoded original paper crop data M0 are used. 

[0074] (7) In saving and copying the original paper crop data M0. the original copyright label L0. 
the original copyright label fingerprint F0, and the 1st user label Lul are shown again, and it 
requires distribution of the 1 st private key Ksl of the data control center Cd. 
[0075] (8) The data control center Cd of which distribution of the 1st pnvate key Ksl was 
required enciphers the 1st private key Ks1 which checked the justification of the 1st shown 
user label Lu1 with the original copyright label fingerprint F0. and was made to correspond to 
the 1st registered user label Lul using the 1st user's U1 public key Kb1, and is Ckslkbl^E 
(Ks1,Kb1). 

1 st private key Cksof encryption 1 kb1 is distributed to the 1 st user U1 . 
[0076] (9) The 1 st user U1 to whom 1 st private key Cksof encryptionl kb1 was distnbuted 
decodes 1st private key Cksof encryptionl kb1 using the 1st user's U1 exclusive key Kv1. and is 
Ks1=D (Cks1 kb1. Kvl). . j _ . , , 

It enciphers using the 1st private key Ks1 which had the onginal paper crop data M0 decoded. 

and is CmOksl =E (M0, Ks1). - 

In saving and copying as encryption original paper crop data CmOksl and transmitting the 

original paper crop data M0 to the 2nd user U2. it enciphers using the 1st decoded pnvatekey 

Ks1. and transmits as encryption original paper crop data CmOksl with the onginal copyngnt 

label LO. the original copyright label fingerprint F0. and the 1st user label Lul. 

[0077] (10) The 2nd user U2 to whom encryption original paper crop data CmOksl, the onginal 

copyright label L0. the original copyright label fingerprint F0, and the 1st user label Lul were 

transmitted presents the original copyright label LO. the original copyright label fingerpnnt FO, 
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the 1st user label Lul. and the 2nd user .abe. Lu2. and demands distribution of .he 1st private 
key Ks1 o» the data control centered. ,«« tr ih„ij 0 „ rfihe 1st private key Ks1 was 

[067a (10 The data control 0 enter ^Cd of wh,c ^^^f^Uj tie 1st user label Lu1 
required checks the juration ,of the ^.^™'^ rt ^™ e ck ' ed that the 1st user label Lu1 is 
„ith the original copyright ^. fin «f^^C^ Lu2, enciphers respectively the 1st 
™^°g d to r « ^ U1 using the 2nd user, puh,ic key Kb2. 

r^rW-ktytkS^tionl^is «*— 

^t^n^ crop data CmOksl is decoded using the 1 st decked private key Ks1. 
a nditisM0=D(Cm0ks1. Ks1). 

The decoded original paper crop data MO are used. copyright label LO, 

[0080] (13) In saving and cc >pyin g the onguial ^^M^^^l^ — labe » Lu2 a ~ 

^81] (U)The - 

required enciphers the 2nd pnyate Ke .^~ . finfferorint R), and was made to correspond to 

- b,ic key "* and ls Cks2kb2=E 

S'p^te key Cksof encryption2kb2 is ^ h ^^ n ^^2 was distributed 

ffiSSSCffl SS£S^^ « — - - «■ - 

£ LlSe^S Private key Ks2 which had the original paper crop data MO decoded. 

original paper crop data MO to the 3rd user U3. * data Gm0ks2 with the 

Ksl and transmits to the 3rd user U3 as ^^Z^^ Fo Z^st user label Lul. and 
original copyright label LO. the onginal copyright label fingerprint ru, xn 

the 2nd user label Lu2. • rt9nf>r eroo data Cm0ks2 was 

[0083] (16) The 3rd user U3 to ^S^J^mSZSS*M F0 - 
transmitted with the ^^'^"^^^^^o^Soopv^ label LO. the 
1st user label Lu1, and *e 2nd user label |^ Presente the * ^ ^ ^ ^ ^ 3rd 

U KS2 of the data oontro, center 

SU (17) The da* corrtro. center Cd of which «^ - ^^iffi 3 £f « »-r 
required checks whether the original copyright J label LOJ Uw> 1st user ^ ^ 

label Lu2 are just with the original «^ J^*JE^,^^r label Lu3. enciphers 

% M «^r— = was d^ibuted 

•SoSnafpa^crop data Cm0ks2 * decoded using the 2nd decoded private key Ks2, 
and it is M0=D (Cmt) ks2, Ks2). 

The decoded original paper crop date MO -re used. ^ copyrieht , abe | LO, 

[0086] (19) In saving and copying the original paper crop u 
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the original copyright labe. fingerprint FO, the 1* 

3rd user label Lu3 are shown again, and rt. requires distnbution of the Jro private y 



££££ us£ *e 3rd private key Ks3 which had the original paper crop data MO decoded. 

SdSwlKuU and the 3rd user label Lu3. Henceforth, the same actuation ,s repeated 
fflwSa^onKTti key required for use of work data for decode is distributed first ,n the 

ZSZZJSL da* of processing coming to hand to reproduce process™* j»*d-j. 

£ces2"g scenario afe not specified, reappearance of process.ng dat, and 

when dividing into „ M changing an array line «o, anu dividing — a primary 

+u» n ri»!nai Hirfa A the orieina data elements A1 and AZ ana m - aivlu,n & r . 

IstS .SS» - ffl -y divide into *ese ^.3^^^ 
a L "A1+Y1+A9+X2+A3+X3 " may be obtained In these cases, division of the alteration ot 

overemphasized that a user's original copynght e*sts in the daw X ^ and c , 

E0093] In creating new ^ * i^'T^tSE^ * and C. 

when obtaining processing data A+B+C . r , comoming . S *^J „ « . . , d ^ ^ q an d 

S^nl^^^ 
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B, and C _ the original data elements A1 and A2 and A3 B1 M. B^^. and C2 and 
C3 dividing — a user's data XI. X2, and X3 — processing data — — A1+B1+C1+X1+ 
Si^SS^XZ*- - +A3 + B3 + C3 + X3 + ..." - it may obtain Also in these cases eo^rtanM 

or more original data with which it was divided and ^K^t^t^ "and 
«f two or more original data, the combination of two or more ongmal data and user dat* and 
iTor m^^^^ divided, and user data needs to be respectively set as the object 
T 2 nd o^dTr^pynghtand needs to protect such 2nd order^opyrighta. moreover, the data 
XI X2 aS^S L user added - it cannot be overemphasized that a user's ongma. 

A B and C was shown in drawing 9 . This technique processes data by tine >crf :& 

technique which extracts Elements a, b, and c from the ongma data A, B, and C (cut), sbeks 

SSTS ^sTats a r e ^r^^n or add-on o f an o*e«t or. 
£ 0 1T^ waTaT^ and user data are data Di^n of 

o?two or more original data and user data, and two or more ongmal, data And the ^"bon 
of two or more original data which were array-changed and were d,vided, and user data ,s also 

object of a data management system. n . +hfe oroC essine: 

management can be performed. Furthemwr^ rfagentr^ertod software « adopted 

totlpTda. feature with its autonomy, adaptability, -1^^^^ 

copyright management center side can know a user database ^ J^J^' ^ m of a da^ 

moment perform by incorporate this agent £«^.n*^ ^men 

copyright managerial system . make a user database use gestaft -superv.se *n 

that the information which contain a use data deta. . ^ 0 ^^^l°^^^ G 

Iter ring function user terminal equipment be also 

database or copyright management center s.de - Therefore an - , dala 

«»e^ 
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distribution of the original private ^^^^Xi of the original private key KsO was 
[0103] (2) The data control center Cd £ v^ch Q ^ copyright labet L 0 was 

required enciphers the , origina ™ public key Kba with the original copyright 
made equivalent using the original paper author s m ru 

,abel L0 and is C* 1 ^^^*^ distributed among the original paper author * 
Encryption Hara pnvate key CksuK&a is ™»™ control center Gd for the original 

[0104J Algorithms, such as MD5 are .used for ^ ^J^^* one directi on hash, for 
copyright label L0 at^s .1L. fingerprint F0. and distributes it to 

example, amount of data, creates ^the mra w d about each proCessing work . 

and it is transmitted with a woric en crvotion Hara private key CksOkba was 

^H.^U the decode origi™, Mr KsO. .0 

I^^"-P d~ Cn^*e origina. copyright M IA - *. original 
copyright label fingerprint F0 are transm*ted to * e J^"^"Vop ^ Qn)0ks0 , the original 
to' WOW The 1 St user U1 to whom encryPOon ^^.^^littod presents the 
copyright label L0, and the <^. ee f vn ^^fS^^t F0. and the 1st user label Ul. 
original copyright label LD, the original fP^J*^?lrfSedrt. control center Cd. [0107] 
and demands distribution of the original pnvate ^ K ^^/ n ^ pr £S= key KsO was required 
(5) The data control center Cd of wh«h dujtnbubon i oft£ V ^Z^ UM u> using the 
Uhers the ^^^^S^SSS^i ESSrl*- o^yright 

^^SnSS^K ^tl^rint F0 and retfsters the 1st user .abe, Lul. and 

.0-0*1 - ^JfStr^er^OKbt was distributed 

tZXSSSA crop data CnmsO is decoded using the decoded origins, private Key 
tMiStp data M0 are processed using a processing too. and the 

processing work data Me1 are obtained. cr - ate d original paper crops with 

Eo109] Thus, the copyright of the original paper £ftjr £^££d Jg^ ^ 
the copyright of the 1st user who processed *^*V*?^£ M paper crop data M0 with 
data M.1. The copyright of the <5^^^ r 2^tS^ri^lS L0, and the original 
the original private key KsO to which the ^^^^^S^ ™de equivalent, and the 
copyright label fingerprint F0 and the ^^^ u^ 1* — ' ,abel Lu1 
1st private key Ks1 made to correspond to the 1st use ^ro^e^e work data Me1 is not 
AlthUh it can protect -cethe key ^^^^ data Mel is not in 

prepared, the secondary copyright of the isx user 

the condition of still being protected. of the 1 st user about the processing 

[0110] (7) In order to protect the secondary oopyntfrt. rftha^ *^ s ^ ^ and ^ 
work data Me1. use the 1st user label ^"£*^£Z££Z» *e information and 
electronic fingerprint in the 3rd example. V J^^Z^ZtB and the used processing 
the contents data of processing of the used ong, ^J'^^^^ and data will be 
tool can express a processing work as e*V ^^^'JZe ^ondary protection of 
entered in the 1st processing label Le1. Furthermore, tor tne sec 
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1 11 chnws the data control center Cd the 1st 
copyrights in future circulation processes, a user U1 s ^ owS yright ls performed by this. 

Posing label Lei. and 7^°"/^^^^ label Le1 While checking the 

[01 1 13 (8) The data control center Cd shown the J stp^ cop ^^t label fingerpnnt 

ustification of the shown ongma. g^gft* electronic fingerprint F1 of the 1st 
FO and registering the 1st processing label Le I no whJch ^ 1st 

Accessing label Le1 is created, ^J"^^^ P ubKc ^ rf *• ^ ^ 

processing label Le1 was made f^^^^el, Kb1). 

U1 of a data control center and <t " ^j?^^ Iabe! Le1, 1st processing private key 
With the electronic fingerprint Fe1 of tfie 1 st processing , 

Okseof encryptionlkbl is sent to the 1 st , rf n ^ proce ssing private key 
rol12l (9) The 1st user U1 to whom the electronic ™ distributed decodes 1st 

e X c,usivekeyKv1.andis 

S?S profess^ <*a Mel are enciphered using the decoded 1st processing key Kse1. 

processing copyright label Le the 1 fame aeration is repeated. 

Emitted to the 2nd user U1. H ^^ c ^ontc fingerprint Fe1 of the 1st processing 
[Q1133 In the 3rd example, although only the B J . transmitted with the 1st 

copyright label Le1 and the 1st ^^^S^^^^ data transfer, it can also 
processing work data Cme1 of encryption at the time or p transmitted to 

constitute so that other labels ^^f^**^ using two or more work 

coincidence, though carried ^^rntt^S plTal^L «Hh many work data 1 the case 
data as shown in dj^wiryj .has ^.^^ emanation not becoming redundancy 
of processing using single ,dat* **£o^J^ the 2nd example, and the 3rd 
[01143 In the system of the 1st ^JSIito key and the private key for re-encryption 

example, work data are enciphered ™™** P ™^*c\pY and a transfer is distributed by 
used for the private key for decode and P re ? e ^ n ' ^ £ ente d. 

the data control center based on the ^^^J^^ZX* with which the data control 
[0115] Since all are beforehand ^^JS^ the private key for re- 
center attested justification, these private key* fo ^£ center indirectly. Moreover, since 
encryption will have received authentication ^^^^^ data transmitted. 
It is^ed in order that these private keys may tnmnM ^ dm> be ; 

data itself to a data control center. it can ™ton represented by PGP. Thus, the 

process is a horizontal dispersion mold "J^S^S^e dependability of a hierarchical 
authentication system !^ col ^^S^5S5i treatment of a horizontal dispersion 
authentication system is high, and ^^^^ examp | e is realized, 
mold authentication system is ^ple by the ^£ ot us , work data and the action are 
[0117] Moreover, all the contents of the acbon "™ presented, and - since use 

grasped in the data control center by the user ™ data CO ntrol center — him. each 

Sing processing of a work ^^^^J^^ certification of hysteresis are 
user, -v^ile a check is ensured, the cortente^^^ 

performed by checking the contents of * e ^7 is P ^ to carry out the certification 
certification is applied to e^ 0 ™ 0 ™™™^ ^er i t "electronic authentication 
of the contents of dealings by the data contrc 1 . center. the procesS ing label - 

moreover, a user label - or the case the data of a label will 

- a user label - or if a computer v-»s mvadei » "^PJ^ inv f sion ^ a compU ter virus is 
change and. as a result, a hash value wjl change. cha d when hash value; 
detectable by verifying a digrta "J^TjjT^ signature - a user label - or smce 
ization was performed, even if it did not perform a digital sign 
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the processing label is invalid, invasion of a computer ^ "f^JJ^ example ] , icen se 
Sl18] In the case of the distributed <***V* tA^^^ Gut the 

network system, use of the network ^^^J^^e equipment; but performs 
data storage equipment of the former wh^h has ^^m£££ Furthermore, using the 
only I/O of data and processmg of data .s taker, L'^ompuier which does not have even a 
network computer like dS Is a^ken into consideration. Since 

s:— — - * cannot — * r copy work 

SS« an applied « = Jj ^<^j^ t^yt.X^s 

does not have data storage equipment used by ^ u ^'f^^ usua , J data equipment 

computer which Z^£Z£Z other M> » *° 

S?22lTrawin ff 1 1 explains the 4th example. In this example, the original copyright person and 

DMM 11^5* explains the case where ~ or m ore wo* « 

SZJh^e 1st user U1 shows 3 data control ^^^^g^SX^* ■» 
crop data MOi 0= 1. 2. 3 J is collected from the I fcrary of data o f * e 'n£™^ * an B the 1st 

Cm01kb1=E (MO i. Khl). 

S^SSSnll paper crop data OmOikbl and the encryption processing tool Cpekbl are 
httpy/wvm4JpdLncipi.gojp/cgi^iri/tran_web_cgi_ejje 04/11/22 



flouted a,nong the 1st user U1. In addition^ 2* 
(b _ «,« use situation of original paper crop data Mui ana tne p 

££Sd on a dab, control center, and U crop date OnOikbl and the 
[0125] (3) The 1st user U1 to whom ^JS^^odes encryption original paper crop data 
enerypoon processing were SsUuted using the 1st users 

CmOikbl and the encryption processing too 
uTexdusive key Kvl, and is MO i=D (CmO .kb1, Kv1). 

Pe^D(Cpekb1,KvD . dec0 ded using the decoded processing 

OH^na. paper crop da* ™«£^^&T5& t 2. 3 J is obtained. . 
tool Pe is processed, and 1 st j>roces s *° work data MH enciphers 1st scenario Sli 

[0126] (4) The 1st user UV ^ ^J^^S worTdata MV. with the public key Kbc of a data 
. which is processing data about ^ P™=^' nB w0rK 
control center, and is Csl ikbc=E (SI *. **o>. ljkbc fe shown to the data control 

cTr^e^ 

S^S^M^ the data con*., center Cd, »,d is 

S1 i=D (Cslikbc, Kvc). on the 1st user s U1 shown user label and 

The 1st processing label Le1 ,s created based on the ^ ^ lst 

decoded 1st processing scenario SI \* -J^. n J^" pubHc ke y Kb1. and it is Cle1kb1=t 
processing label Le1 is enciphered using the 1st users ui p 

jessing label Cleof " ^-onl*] %^^%ToV^^ was fitted 

Si decod^ ffilS^W- Le1 is encored using the 2nd user's U2 public key Kb2. and 
it is GIe1kb2=£ (Le1, Kb2). . ;++ . t t u e 2nd user U2 f 1st 

the 2nd user U2. e+^mtre eauiDment collection work data or 

[0129] When the 1st user's U1 computer has data t o prevent preservation, 

Processing data may be saved to ^^^^^t^Z performed. In addition, in 
a copy, and a transfer. P roh.brbon ^^^^^ 2 % electronic fingerprint Fl 
this case, instead of 1st processing ; label ' ^J^flon hash value can also be used, and a 
which formed the 1st processing label into the ^^^^^a by doing in this way. 
transfer of the simplified processing label wrth ^^^^iSpitonlWa was transmitted 
[0130] (7) The 2nd user U2 to whom 1* ^ 2nd user's U2 
decodes transmitted 1st processing label < Cleot encrypu n 

WpS^ « U1 S£ the 2nd user's U2 elusive Key Kv2, and it is 

t-prLssing .abe, C,e1W2 is shown to the data control center Cd with the 2nd 

user label Lu2. c u rtW n -the data control center Cd shown 

[0131] (8) encryption 1st - the encrypt.cn f^*^^^ C le1kv2 - the 2nd 
processing label Cle1kv2 and the 2nd user l?beU.u2 ; P«£J« ^ 

SSng^ 

5& Thl data control center Cd which reproduce; J 1st J^J^ffiS^ 
1st processing work data M1i and the processing tool Pe using tne i 
Kb2. and is Cm1ikb2=E (M1 i, Kb2). 
Cpekb2=E(Pe.Kb2) 

L . .. 04/11/22 
hnn//www4.iodl.ncipi-fiojp/cgr-bin/tran_web_cgi.ejje 



encryption 1st - Process™ «-* **■ Cm1lkbZ °" C ™ M °" ^ ^ 

are transmitted to the 2nd user U2. 1 process i ng WO rk data 

Pe=D(Cpekb2.Kv2) , dec oded using the decoded processing 

1st processing wo* : djt. .Ml, Sc P 1. 2, 3 „) is obtained . _ 

tool Pe is processed, and 2nd p ™^^™ essing work data M2i enciphers 2nd scenano S2i 
rrST^SK M* WHH tne puUic ^ Kb. - . 

centered. 2d scenar jo Csof encryption2ikbc decodes 2nd 

^°p^^ 

^ n ^ P ^l™^nV^ — U2 p ubli c M, KU. and * is CM*** 

SS ^c^^tf^Lvplion^ is t^nsm-tted to the 3,0 user US. Henceforth, the 

same actuation is repeated. nrocessinE label with which the information, 

[0137] The management P^^^^t^S^Sf^ information, -ta, the used 
the processing scenano. and processed User l " to ™ a . fa ^ is saved onlv in the 
original-paper crop data. which l^T^^^o^ *e other hand, and the 
database concerning C a user] P^cessin g to a us e ^ processing label is encphered, 

processing tool which used were '^ e ^ a ^f^^ is distributed object system, 
and it is transmitted among users « ^n^ed £ nCt have work data. 

Therefore, preservafon and being ^^"^SlS are used in the system of this example. 
[0138] Moreover, only a P^^.^^^SmZ^ data control center, and since 
as for this public key. justification is beforehand attested by the ^ authentication 

the authentication by this data «^ •^^S^SbS transmitted is beforehand 
system represented by PEM L And ^J^^Sbtc^ center attested justification 
enciphered with the user puWic key received authentication of a 

and it is transmitted, the contents will have th ° °*ffj^ n l m jtted without transmitting this 
data control center indirectly. ^^^^^^ ST authentication performed 
processing label itself to a data control center. m represe nted by PGP. 

Tn that process is a horizontal ^^J^^^S^^ dependability of a 
Thus, the authentication system ^* ?^*SwSaSSSl^ the treatment of a horizontal 
hierarchical authentication system ,s high. !^^5j^2n of » example is realized, 
dispersion mold authentication system .s s, J p,e ' ^ e J^^f w0rk data and the action are 
[0139] Moreover, all the contents of the ^^^^^^^ and - since use 
Uped in the data control ^T a ^er7^o^t control center - him. each 

including processing of a work ,s artoge ^»^°™ Q(k data and certification of hysteres.s are 

user. - while a check \' n ^^J^^^^ pnv ^ When tWs contents 
performed by checking the contents of the action, ana P * ^ the cert rfication 

certification is applied to 

of the contents of dealings by the data control center. 
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[0140] ^hermore, a user label J- 
processing label - a user label - or rf ■ wi „ change . Therefore, invasion of a 

data of a label will change and as • * ^S^S HASSHUCHI which changed when 

computer virus is detectable by "^•^J?^T*&* signature - a user label - 
hash value-ization was performed even if it *?^ p _^^^» is detectable. 
- or since the processing label is uSes work data also in 

[0141] since [ moreover, all the ^^^^To^ol center by the user label which the 
this example, and the action are ^ ed ^^/^ f ^L s ^ m - although - it functions 
user presented — any of the above-mentioned charging syste 

effectively. . wstcm 0 f [5th example] this invention to 

electronic commerce is explained drawing 14 v 

processings are performe d *^ B »J2?S goods catalog through a network, and makes 
(1) User (need person) U peruse s P rok ^ s Jl^ 0 . as an estimate about the order of goods 

(producer) M public key Kbm. and is Crkbm-E (R. Kbm). 

Cks1kbm=E(Ks1,Kbm) 1st — private key Cks1 kbm is sent to 

the encryption demand Crkbm and encryption 1 st pnvax 

R=D (Crkbm and Kbm) 

Demand R decoded, and is Oqmks1=E (On, Ksl ). _ 

The encryption dealings data i Cqmksl J*. Cqmks1 we re sent decodes the 

[0145] (4) The broker S to whom the «no™pt£n f°*g£^ ^1. and is Q=D (Cqksl. KsD. 
Z^^^t^J^^ the^nd pnvate Key Ks, and it is 

aSitSS !SU is encored usin E a user's pubiio W^-"-*-** . 
ST legion dea^ data and encryption 2nd - private Rev CKs^u is sent to 

ffitfaD the encryption dealing data ^ ^^^^-^tXive 
nrivat - Upv Cks2kbu was sent — encryption 2nd private is y 

% SS - ^^«2££ S££ 2nd decoded pHvate Ke ¥ Ks2. and 
The encryption dealings data CqmksZ are aecoouu 

it is Qm=D (CqmksZ, Ks2). rf^ded dealings data Qm, data are processed, 

By writing down the contend of order " Jj^^^HL* order Qu is enciphered using 
the purchase order Qu which drew upanddrew up the pure 
the 2nd private key Ks2. and it is Cquks2=E (Qu. Ks2) 

Cqukbm=E (Qu. Kbm). ^ . . . 4. ransm jtted to Manufacturer M. . 

The encryption purchase order Cqukbm is *« n8 ™^ ~ . se order c ukbm was transmitted 
[0148] manufacturer M to "^cTu^^^ exc.usive key Kvm. and 

decodes the encryption purchase order Cqukbm using w. 
is Qu=D (Cqukbm. Kvm). 
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Order^ceived processing is performed according to the contents of the decoded purchase 

orivate key Cks2kbu was sent — encryption 2nd — private key oks^kou 

XSi and decoded pHvate key Ks, end 

it is Qm=D (Cqmks2. Ks2). ^ . a^^a-a A^Unm data Qm, data are processed, 

the 2nd private key Ks2, and it is Cquks2FE (Qu, Ks2). 

transmits the encryption purchase order CquksZ to ^^(tted 

2^2£5S j^rsKSr ssa. ^ «* .nd , 

Kcodel purchase order Qu is enciphered using Manufacturer's M public key Kb* and it is 
Gqukbm=E (Qu, Kbm). 

It transmits to Manufacturer M. . ^..ri,- transmitted 

is Qu=D (Cqukbm, Kvm). a to ^ conte nts of the purchase order Qu. 

computer software performed through a n ^^;" ^ kev Kvm and the software P 

case. Manufacturer M enciphers using a manufacturer s exclus.ve key Kvm, an 

dealt with is Cpkvm=E (P. Kvm). Broker S decodes the transmitted 

The encryption software Cpkvm «^^^^^^^ S J^^P^} (Cpkvm. 
encryption software Cpkvm using Manufacturer s M public key Kbm. ana rc is ~h 

Software P with which Broker S was decoded is enciphered using User's U public key Kbu. 
£ en^lfontoWe U Cpk b u is transmitted to User U, and User U decodes the transmitted 
encryption software Cpkbu using the exclusive key Kvu. 

ES&EL* athough.distH^r ^^^^ttl^S^ 

%S^X£E£ a^eXrned through a broker £. f^-— .1 » 
drawing 12 (a), generating of the various fadures by I by^SDBJZ (b). in 

process is prevented beforehand. Moreover, when [ ««^ oral ^^ a ^" ^Tteperrbrrr, 
£der for a manufacturer to get to know the contents of the ^^^^J^, brok er 
order-received processing, it is necessary to transmrt. an fS^M^^^I participate 
and to have you dec-wtj * ^^^^ J SS^ErTSiWU. 
in a dealings process also m this case. B enera y|HS » ^Aatto In addition, it is sent 

be sent 
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* NOTICES * 

,.This document has been translated by computer. So the translation may not reflect the 
«ord which can not bo translated. 




[Brief Description of the Drawings] 

A label and the explana ^ ^^Sr and the data body. 

gats E sss v ^ s 5 : - - • - *• - body - 

^S^outline block diagram of the digital data manager*, system of the 2nd example 
.Sanatory view of the technique which generates on. data from two or .ore 
^MThe outline bfcck diagram of the digital data manageriai system of the 3rd example 
{______?£. ouoine block diagr«n of the digita. data manageria, system of the 4th example 

g^ZSrS. outiine block diagram of the digita. data managerial system of the 3rd example 
of this invention. 
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